Explore top 10 tips to secure your open-source projects now. Read More
×
libarchive could be made to crash or run programs as your login if it
opened a specially crafted file.
Software Description:
- libarchive: Library to read/write archive files
Details:
It was discovered that libarchive incorrectly handled certain ISO 9660
image files. If a user were tricked into using a specially crafted
ISO 9660 image file, a remote attacker could cause libarchive to crash or
possibly execute arbitrary code with user privileges. (CVE-2011-1777)
It was discovered that libarchive incorrectly handled certain tar archive
files. If a user were tricked into using a specially crafted tar file, a
remote attacker could cause libarchive to crash or possibly execute
arbitrary code with user privileges. (CVE-2011-1778)
The problem can be corrected by updating your system to the following package versions: Ubuntu 11.10: libarchive1 2.8.4-1ubuntu0.11.10.1 Ubuntu 11.04: libarchive1 2.8.4-1ubuntu0.11.04.1 Ubuntu 10.10: libarchive1 2.8.4-1ubuntu0.10.10.1 Ubuntu 10.04 LTS: libarchive1 2.8.0-2ubuntu0.1 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-1310-1
CVE-2011-1777, CVE-2011-1778
Get the latest Linux and open source security news straight to your inbox.